#!/bin/bash

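IPT=/sbin/iptables

# Host firewall for IPv4: default-deny inbound and forwarded traffic, allow
# loopback, replies to established connections, and inbound TCP 80 and 22.
#
# Scope notes:
#   - Only the IPv4 filter table is programmed. IPv6 is handled by ip6tables
#     and is not touched by this script.
#   - Must run with privileges that allow changing netfilter rules.
#   - NOTE(review): nothing here saves the ruleset, so it presumably has to be
#     re-applied after a reboot - confirm how this script is invoked.

# Stop at the first failing command or unset variable so that a partially
# applied ruleset is reported through the exit status instead of ignored.
set -eu

# Remove every rule from all chains of the filter table (built-in and
# user-defined). Chain policies are not changed by -F.
"$IPT" -F

# -F empties user-defined chains but does not delete them, so an
# unconditional "-N SERVICES" fails with "Chain already exists" on every run
# after the first. Create the chain only when it is missing.
if ! "$IPT" -n -L SERVICES >/dev/null 2>&1; then
  "$IPT" -N SERVICES
fi

# Allowed inbound services. This chain is the single place to edit when a
# service is added or removed.
# NOTE(review): both ports accept traffic from any source address; consider
# restricting SSH with "-s <admin network>" if that fits the deployment.
"$IPT" -A SERVICES -p tcp --dport 80 -j ACCEPT
"$IPT" -A SERVICES -p tcp --dport 22 -j ACCEPT

# INPUT chain.
"$IPT" -A INPUT --in-interface lo -j ACCEPT
# Replies to connections this host opened, and packets of connections that
# were already accepted. Placed before the service lookup because it matches
# the bulk of the traffic.
"$IPT" -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Hand new connections to SERVICES. Without this jump the chain is never
# evaluated and its rules are dead configuration.
"$IPT" -A INPUT -j SERVICES

# Policies are applied last: if a rule above fails on a first run, the script
# exits before switching INPUT to DROP, which avoids cutting off the SSH
# session used to apply it. On a re-run the DROP policy is already in place,
# so new inbound connections are refused between the flush and this point.
"$IPT" -P OUTPUT ACCEPT
"$IPT" -P INPUT DROP
"$IPT" -P FORWARD DROP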



